This page provides basic information about the logs in Logging and about their structure.
Logging receives, indexes, and stores log entries from many sources, including Google Cloud, Amazon Web Services (AWS), VM instances running the Logging fluentd agent, and user applications.
All log entries in Logging are represented using a single data
type LogEntry
which defines certain common data for all log entries as well as
carries individual payloads.
Log entry structure
Every log entry in Logging is an object of type
LogEntry
that is characterized by the following information:
- The Google Cloud project or organization that owns the log entry.
- The resource to which the log entry applies. This consists of a resource type from the Monitored Resource List and additional values that denote a specific instance.
- A log name.
- A timestamp.
- A payload, which can be a textPayload, a jsonPayload, or (for GCP services) a protoPayload.
For more information about log entry contents, see the
LogEntry
type in the Logging API.
Agent logs
The Logging agent is a fluentd-based process that can run on supported VM instances.
The Logging agent sends system and third-party logs on the VM instance to Stackdriver Logging, where they appear as separate logs. For more information, see Default Logging Agent logs.
Audit logs
Cloud Audit Logs maintains three types of audit logs: Admin Activity, System Event and Data Access. Google Cloud services write audit log entries to these logs to help you answer the questions of "who did what, where, and when?" within your Google Cloud projects, folders, and organizations.
For a list of Google Cloud services that write audit logs, see Google services with audit logs.
For more information about audit logging, see Cloud Audit Logs.
Logs available in Logging
The logs available in Stackdriver Logging vary depending on which Google Cloud resources you are using in your project. To learn more, visit the Google Cloud Documentation Home and select the appropriate product or service.
Viewing logs
There are several ways to view your log entries:
- To read log entries using the Google Cloud Console, see Logs Viewer overview.
- To read log entries through the Logging API, see entries.list.
- To read log entries using the Google Cloud SDK, see Reading log entries.
Exporting logs
Logging can also export log entries to Cloud Storage, Pub/Sub, and BigQuery. For details, see Overview of Logs Exports.
Logs retention
Individual log entries are kept for a specified length of time and are then deleted. The Logging Quota Policy explains how long log entries are retained.
Pricing
For information on logs pricing, see Stackdriver Pricing.